[Sderby] Auto generating firewall rules, is this possible?

Patrick Barber patrick.barber at tiscali.co.uk
Tue May 11 21:18:27 BST 2004 

Mike Hemstock wrote:

>On Tuesday 11 May 2004 20:46, Patrick Barber wrote:
>  
>
>>Ashley Heath wrote:
>>    
>>
>>>Hi all,
>>>
>>>Anyone know of any way to put iptables (or some other software) into learn
>>>mode to automatically generate firewall rules in Linux. I don't want to
>>>have to trawl through masses of logs initially.
>>>
>>>Are there any hardware firewall appliances that will also do the above?
>>>
>>>Main reason being this is for an existing network that has been running
>>>for years and know one is really sure exactly what runs over it and what
>>>needs to be allowed or blocked. If we can get a list of rules then we can
>>>work through them and deny any that shouldn't be there. Denying
>>>everything and then opening ports where necessary is not really an option
>>>as this will impact business operations to much.
>>>
>>>Any other suggestions welcome.
>>>
>>>Cheers,
>>>Ash
>>>
>>>
>>>
>>>
>>>
>>>_______________________________________________
>>>Sderby mailing list
>>>Sderby at mailman.lug.org.uk
>>>http://mailman.lug.org.uk/mailman/listinfo/sderby
>>>Web site: http://sderby.lug.org.uk/
>>>wiki: http://www.sderby.lug.org.uk/cgi-bin/wiki.pl
>>>Join us on IRC: irc.lug.org.uk #sderby
>>>      
>>>
>>The only device i can think of that will produce a list of what running
>>over a WAN link like this is a Packeteers Packetshaper
>>(http://www.packeteer.com/), as for firewall rules, not wishing to teach
>>people to suck eggs,  the basics should be
>>
>>
>>HTTP(S) to anything
>>DNS to named servers
>>POP3/IMAP to named servers
>>SMTP to named servers
>>
>>other things should be to named servers
>>    
>>
>
>Why would you want POP3, IMAP & SMTP connecting to BIND servers?
>
>Mike.
>
>_______________________________________________
>Sderby mailing list
>Sderby at mailman.lug.org.uk
>http://mailman.lug.org.uk/mailman/listinfo/sderby
>Web site: http://sderby.lug.org.uk/
>wiki: http://www.sderby.lug.org.uk/cgi-bin/wiki.pl
>Join us on IRC: irc.lug.org.uk #sderby 
>  
>
ok then specified servers....

-- 

<regards>
Patrick Barber
email: patrick.barber at tiscali.co.uk
irc Channel: irc.lug.org #sderby

Registered Linux User #332139
http://counter.li.org

<thought>
Is the light at the end of the tunnel an on coming train
</thought>

</regards>

More information about the Sderby mailing list